Tag
Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service via a crafted document.
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
Overview This ICS-CERT Advisory is a follow-up to ICS-ALERT-11-080-01. An independent researcher has identified six vulnerabilities in the Siemens Tecnomatix FactoryLink supervisory control and data acquisition (SCADA) product. The researcher has also publicly released exploit code. The researcher identified the following vulnerabilities types: Buffer overflow (2 vul) Absolute Path Traversal (3 vul) NULL Pointer Dereference (1 vul). Siemens has released a patch addressing the identified vulnerablities. ICS-CERT has not yet validated this patch. --------- Begin Update A – Part 1 of 1 -------- ICS-CERT has confirmed that the patch developed by Siemens fully addresses the reported vulnerabilities. --------- End Update A – Part 1 of 1 -------- Affected Products These vulnerabilities affect all versions of Siemens Tecnomatix FactoryLink prior to and including Version 8.0.1.1473. Impact Successful exploitation of the reported vulnerabilities could allow an attacker to perform multiple malici...
Overview The sun generates solar flare and coronal mass ejection (CME) events in an approximate 11-year cycle. The plasma clouds generated from these events have the potential to cause geomagnetic storms that can interfere with terrestrial communications and other electronic systems, posing a risk to critical infrastructure. In a recent case, Earth-orbiting satellites detected the strongest magnetic storm in more than 4 years resulting from a solar flare and CME event.National Oceanic and Atmospheric Administration (NOAA), Space Weather Prediction Center, http://www.swpc.noaa.gov/sxi/index.html, last accessed March 1, 2011. Figure 1 illustrates the size of the CME shockwave edge in relation to the size of the sun at the point of the eruption. Figure 1. X2-solar flare and coronal mass ejection at the time of the eruption. At 0156 UT on February 15, 2011, Active Region 11158 unleashed an X2-class eruption.James A. Marusek, “Solar Storm Threat Analysis,” http://www.breadandbuttersc...
Overview This advisory is a follow-up to ICS-ALERT-11-066-01 - WellinTech KingView 6.53 ActiveX Vulnerability, published on the ICS-CERT Web page on March 7, 2011. An independent security researcher reported a stack-based buffer overflow vulnerability in an ActiveX control in WellinTech KingView V6.53. The researcher has publicly released exploit code for this vulnerability. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code. WellinTech has released an update for the vulnerable file. ICS-CERT has confirmed the update resolves the vulnerability. Affected Products This vulnerability affects all language versions of WellinTech KingView V6.53. Impact Because KingView is widely used in many sectors and different applications, the impact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their environment, architec...
Overview An independent security researcher has published information to a vulnerability disclosure website regarding a buffer overflow vulnerability in the Wonderware InBatch and I/A Series Batch software products (all supported versions). According to the researcher’s report, the service listening on TCP Port 9001 is vulnerable to a buffer overflow that could cause denial of service (DOS) or the possible execution of arbitrary code. This vulnerability is remotely exploitable and exploit code is publicly available. --------- Begin Update A Part 1 of 2 ---------- Invensys has validated the researcher’s claim and has released a patch for this vulnerability. The patch can be downloaded at Invensys Cyber Security Updates page.a ICS-CERT has validated the patch. ---------- End Update A Part 1 of 2 ---------- ICS-CERT is coordinating this vulnerability disclosure with Invensys and the CERT Coordination Center (CERT/CC). Affected Products This vulnerability affects all supported versions of ...
Overview McAfee has published a white paper titled “Global Energy Cyberattacks: Night Dragon,”McAfee, http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf, accessed February 10, 2011. which describes advanced persistent threat activity designed to obtain sensitive data from targeted organizations in the global oil, energy, and petrochemical industries. According to the report, this activity began in 2009 or potentially as early as 2007. Impact The threat McAfee identifies as Night Dragon focused specifically on the energy sector; however, the tools and techniques used by Night Dragon can be highly successful when targeting any industry. Other sectors may also be vulnerable and under similar persistent cyber espionage attacks. Background According to the report, the attacks have been ongoing since November 2009 and involve social engineering, spear-phishing attacks, exploitation of Microsoft Windows operating systems vulnerabilities, Microsoft ...
Overview The US Federal Aviation Administration (FAA) has issued two flight advisories identifying planned Global Positioning System (GPS) temporary outages and the affected areas, due Department of Defense testing. During testing, the GPS signal may be unreliable or unavailable. ICS-CERT is issuing this advisory as a follow up to yesterday’s alert to notify industrial control systems (ICS) owners and operators whose control systems employ GPS for timing reference or positioning data of possible intermittent GPS service during the testing. FAA Advisories for GPS Testing CHLK GPS 11-06 Location: Porterville, CAFAA, “Flight Advisory GPS Testing CHLK GPS 11-06 January 16−23, 2011, Porterville, CA,” http://www faasafety.gov/files/notices/2011/Jan/Flight advisory porterville GPS.pdf, accessed January 24, 2011. Date: January 16 through January 23, 2011. Duration: This test has been completed. CSFTL GPS 11-01 Location: Brunswick, GAFAA, “Flight Advisory GPS Testing CSFTL GPS 11-01 January 20−...
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.